• kevinsky@feddit.nl
    link
    fedilink
    arrow-up
    24
    ·
    24 hours ago

    The amount of people that leave things like youtube logged in on hotel room tv’s is also moderately staggering.

    • titanicx@lemmy.zip
      link
      fedilink
      arrow-up
      6
      arrow-down
      3
      ·
      10 hours ago

      Probably because most the TVs are designed to auto logout after check out. So when you run into one that isn’t it’s weird.

      • Prathas@lemmy.zip
        link
        fedilink
        arrow-up
        3
        ·
        8 hours ago

        Interesting. I’ve actually never heard of them automatically logging out. That’s partly why I am hesitant to log in in the first place.

    • RagingRobot@lemmy.world
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      10 hours ago

      Does it really matter to anyone other than the streaming companies?

      If the next guy at the hotel watches my HBO why would I care?

      Worst case scenario I lose my spot in a show.

      • Axolotl@feddit.it
        link
        fedilink
        arrow-up
        1
        ·
        9 hours ago

        And lose your account and your google account if it’s youtube like the commenter said

    • Fedizen@lemmy.world
      link
      fedilink
      arrow-up
      9
      ·
      23 hours ago

      Tv and app creators I feel like are also a bit responsible for this by not making it easy to do timed logouts when you log into a device for the first time. Unless you have a mental or physical checklist going its not a high priority

    • Sc00ter@lemmy.zip
      link
      fedilink
      arrow-up
      3
      ·
      19 hours ago

      We just stayed at a disney resort a few weeks ago. The tv prompted us to sign into OUR disney+ account…

        • Sc00ter@lemmy.zip
          link
          fedilink
          arrow-up
          1
          ·
          3 hours ago

          I used it to indicate my trailing thought. I had more written, but cut it off.

          Also, no one cares about your grammar policing and it contributes nothing to the conversation

  • edgyspazkid@lemmy.wtf
    link
    fedilink
    arrow-up
    2
    arrow-down
    2
    ·
    10 hours ago

    A few days ago I though 2FA didn’t worked for lemmy but I just didn’t have timezone or something and that’s why I couldn’t login.

    <-- Aegis is goated

  • Art3mis@lemmy.world
    link
    fedilink
    arrow-up
    19
    ·
    1 day ago

    This is peak timothy behavior. You know he went home to absolutely destroy his younger sibling in halo

      • axx@slrpnk.net
        link
        fedilink
        arrow-up
        6
        ·
        19 hours ago

        Briefly: look into sim swapping, which is the most obvious, day to day risk.

        Then there’s SS7 and how inherently trusting the whole system is.

        Then depending on where you are, some mobile networks still have terrible link encryption (were talking so bad a normal laptop is enough these days to break it on the fly). Granted, this is rare these days, in part thanks to the efforts of Karsten Knohl, SRLabs and other security researchers who did a lot to shine a light on this and SS7

        Not sure how up to date it still is, but https://gsmmap.srlabs.de/ shows how unequal networks are.

        • Prathas@lemmy.zip
          link
          fedilink
          arrow-up
          1
          ·
          8 hours ago

          This is becoming less of an issue as US Mobile has anti-SIM-hijacking protection; hopefully other carriers will follow suit. Of course, the carriers themselves can still read your msgs, but so can WhatsApp, probably (despite their claims to the contrary).

        • Hawke@lemmy.world
          link
          fedilink
          arrow-up
          2
          arrow-down
          3
          ·
          11 hours ago

          That’s all sms though, not 2fa in general.

          All valid points and good information within that scope.

          • Appoxo@lemmy.dbzer0.com
            cake
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            edit-2
            10 hours ago

            (…) and sms is an insecure system to begin with.

            citation needed on the second half

            That’s all sms though, not 2fa in general.

            Are you an LLM?

            • Hawke@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              10 hours ago

              It’s been edited, bud. Originally it said that 2fa in general is insecure.

                • Prathas@lemmy.zip
                  link
                  fedilink
                  arrow-up
                  3
                  ·
                  8 hours ago

                  I don’t think the original text before edits is viewable by anyone other than possibly instance admins.

    • Aniki@feddit.org
      link
      fedilink
      arrow-up
      15
      arrow-down
      1
      ·
      1 day ago

      best to always use incognito browser on public devices. when you close the browser, it logs you off automatically.

    • T00l_shed@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      1 day ago

      Maybe that’s the name he uses so people think he is called timothy! And it wasn’t a sprint store! Classic misdirects

  • MidsizedSedan@lemmy.world
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    1 day ago

    A non-tech store had some iPhones and iPads on display. No internet. But it COULD connect to my phone hotspot. Wish I did something more than just download a rainbow six siege pic and set it as the wallpaper, but they took down that demo for I think close to a month.

  • Sundray@lemmus.org
    link
    fedilink
    English
    arrow-up
    21
    ·
    edit-2
    1 day ago

    Ok, you’ve hacked me.

    I hope you’re ready for what you’re about to see.

  • toynbee@piefed.social
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 day ago

    Back when I was in college, I was young and dumb enough that I’d login to AIM on the college computers. (Nowadays I won’t login to personal accounts on anything I don’t fully control. I’m always surprised by coworkers who check their bank accounts, social media, personal email, etc. on their work laptops.)

    Anyway, even at the time I was pretty good at logging out when I left each computer, but once I forgot. The next time I logged in, I was surprised to discover that my entire buddy list had been cleared. I never understood the motivation behind doing so. I don’t think it was particularly funny but, even if it were, it’s not like the perpetrator got to see my reaction or even to point and laugh.

    I did learn a lesson from it, but presuming that that was the mission of whomever did it feels … Generous.

      • toynbee@piefed.social
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 day ago

        You shouldn’t.

        If the goal was to teach me a lesson, there were less destructive ways to do it.

        If the goal was to troll, well, that’s without redeeming qualities.

        • Art3mis@lemmy.world
          link
          fedilink
          arrow-up
          4
          ·
          1 day ago

          Clearing someones list is a little far, but putting a selfie on their timeline or putting something dumb in their bio is harmless and makes me chuckle and if they cared about their shit theyd log out lmao

    • TORFdot0@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      1 day ago

      Do you blame the locksmith if you lose your keys?

      I could take the locks off the door to my house but then I can’t be mad when I get robbed

      Edit: I hope that the lesson learned is about needing to have multiple forms of MFA and a safe location for back up codes, like you would have multiple sets of keys and maybe a key box hidden in a safe place. Not blaming you for not realizing it at the time, it’s not something one would think about until it’s too late. It’s not like we had our parents to teach us about MFA best practices like you might have for house keys

      • Herbal Gamer@sh.itjust.works
        link
        fedilink
        arrow-up
        2
        ·
        1 day ago

        True but also I wasn’t there when other people had to clear out my apartment so I didn’t have much of a clue wether or not it would be saved.

        Still know my pw managers pw by heart and have my gmail account pw written down but not that actual code, no.

      • PotatoesFall@discuss.tchncs.de
        link
        fedilink
        arrow-up
        3
        arrow-down
        2
        ·
        1 day ago

        Google doesn’t give you codes. They don’t even tell you that they enabled 2FA. If you log in on an android device, they will automatically enable it for 2FA, and for some reason they assume you will have access to this phone until the end of time, even if you haven’t turned it on in months. The only way to go around this is to set up 2FA manually.

        Google has locked so many people I know out of their accounts it’s ridiculous.

          • PotatoesFall@discuss.tchncs.de
            link
            fedilink
            arrow-up
            1
            ·
            8 hours ago

            Yeah if you’re smart with the computor like me and you then you keep your 2FA backup somewhere. But if you’re just a normal person, it doesn’t occur to you. Google doesn’t even do a very good job reminding you to properly set up 2FA in the first place.